CVE-2010-0919 (GCVE-0-2010-0919)
Vulnerability from cvelistv5 – Published: 2010-03-03 19:00 – Updated: 2024-08-07 01:06
VLAI?
Summary
Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:06:52.455Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "inotes-activex-bo(56555)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"
},
{
"name": "62612",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/62612"
},
{
"name": "1023662",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023662"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"
},
{
"name": "ADV-2010-0496",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0496"
},
{
"name": "38459",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38459"
},
{
"name": "38755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38755"
},
{
"name": "38744",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38744"
},
{
"name": "20100301 IBM Lotus Domino Web Access ActiveX Stack Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
},
{
"name": "38457",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38457"
},
{
"name": "38681",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38681"
},
{
"name": "ADV-2010-0495",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0495"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "inotes-activex-bo(56555)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"
},
{
"name": "62612",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/62612"
},
{
"name": "1023662",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023662"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"
},
{
"name": "ADV-2010-0496",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0496"
},
{
"name": "38459",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38459"
},
{
"name": "38755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38755"
},
{
"name": "38744",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38744"
},
{
"name": "20100301 IBM Lotus Domino Web Access ActiveX Stack Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
},
{
"name": "38457",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38457"
},
{
"name": "38681",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38681"
},
{
"name": "ADV-2010-0495",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0495"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0919",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "inotes-activex-bo(56555)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"
},
{
"name": "62612",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/62612"
},
{
"name": "1023662",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023662"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"
},
{
"name": "ADV-2010-0496",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0496"
},
{
"name": "38459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38459"
},
{
"name": "38755",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38755"
},
{
"name": "38744",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38744"
},
{
"name": "20100301 IBM Lotus Domino Web Access ActiveX Stack Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
},
{
"name": "38457",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38457"
},
{
"name": "38681",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38681"
},
{
"name": "ADV-2010-0495",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0495"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0919",
"datePublished": "2010-03-03T19:00:00",
"dateReserved": "2010-03-03T00:00:00",
"dateUpdated": "2024-08-07T01:06:52.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:domino_web_access:6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"220211F3-8AF4-419E-BB10-0E954F002DFF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:domino_web_access:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4854AD77-45A0-45AB-B9DA-77FFB7531C5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:domino_web_access:7.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"86A823BB-48B7-4F84-A01A-754987FDBD00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:domino_web_access:7.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B653AE06-0056-45AA-B321-391EE70532B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:domino_web_access:7.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D5C812F-4B1E-42A1-A478-978DF925D22D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:domino_web_access:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"723845C5-91E1-4BED-B41F-9E0A0DB629D0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:domino_web_access:8.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDDCE5E6-F37D-4D1B-B863-E8FE8ABA79E2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"229.271\", \"matchCriteriaId\": \"DA92AB06-5510-4109-AE3A-75834E5F8A00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62AF2DA6-98E4-4921-B36C-AA5771B3629E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3CC0B87F-B742-466D-BF93-56BFECAC2E54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"708BEAEF-B186-470D-8148-9C0703B42765\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83C58751-33AE-4A3F-A096-AB13FC8A64A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"01E2E70E-3C00-4AA2-AF8D-349E82806FA3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3508BE09-6B84-4819-BC0F-7E23964FE29D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A17FFE5-97F5-45D0-8C54-3C22BF1FFA72\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.111:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE8C8052-8980-4265-929B-E27B6A914B4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.131:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D6C0F89-47E6-4895-909D-6AF8DBFE2477\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.141:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"590EBAF8-04A9-4DAD-9FCF-B1B38FF03374\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.151:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"717F7305-98E1-403D-B08A-6FE1FD83D2C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.161:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C4B46DA-B4E6-4AB0-AD85-7C77EFE14063\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.171:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E1862CF3-0BF2-4F1B-80A9-0B5B02005A1C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.181:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1CC9488A-F368-498E-8CDE-2ADC6AED470B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.191:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2F8C056-91A2-410B-942A-E108B93AD1E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.201:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BCD1A2BB-F7FC-4FE1-B633-F0AF79E0F5FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.211:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"805C7074-679E-4F11-A055-8C52B4E26F5F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.221:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"840A1975-0C5B-44F0-9F2E-1BBE02AA0484\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.231:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33A29245-F9DA-4F77-91EE-21C1FA3CE784\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.241:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B55ED49B-092B-411B-84AE-847770EE096B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.251:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"483C2E2D-424C-453B-9D51-F53C6B32178B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:lotus_inotes:229.261:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4348F385-9AE1-4F8C-9F22-BE50FCA3710B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F936FD55-AD59-47B3-8591-3F79B2ABB4E9\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ.\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de b\\u00fafer basado en pila en el control ActiveX Lotus Domino Web Access en IBM Lotus iNotes (alias Domino Web Access o DWA) 6.5, 7.0 en versiones anteriores a la 7.0.4, 8.0, 8.0.2 y en versiones anteriores a la 229.281 para Domino 8.0.2 FP4 permite a atacantes remotos ejecutar c\\u00f3digo de su elecci\\u00f3n mediante un argumento URL largo a un m\\u00e9todo no especificado, alias PRAD7JTNHJ.\"}]",
"id": "CVE-2010-0919",
"lastModified": "2024-11-21T01:13:12.660",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:H/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.6, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 4.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2010-03-03T19:30:00.743",
"references": "[{\"url\": \"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/38681\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/38744\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/38755\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1023662\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21421808\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg27018109\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.osvdb.org/62612\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/38457\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/38459\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0495\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0496\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/56555\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/38681\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/38744\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/38755\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1023662\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21421808\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg27018109\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.osvdb.org/62612\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/38457\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/38459\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0495\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0496\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/56555\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2010-0919\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2010-03-03T19:30:00.743\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer basado en pila en el control ActiveX Lotus Domino Web Access en IBM Lotus iNotes (alias Domino Web Access o DWA) 6.5, 7.0 en versiones anteriores a la 7.0.4, 8.0, 8.0.2 y en versiones anteriores a la 229.281 para Domino 8.0.2 FP4 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un argumento URL largo a un m\u00e9todo no especificado, alias PRAD7JTNHJ.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:C/I:C/A:C\",\"baseScore\":7.6,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":4.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:domino_web_access:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"220211F3-8AF4-419E-BB10-0E954F002DFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:domino_web_access:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4854AD77-45A0-45AB-B9DA-77FFB7531C5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:domino_web_access:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86A823BB-48B7-4F84-A01A-754987FDBD00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:domino_web_access:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B653AE06-0056-45AA-B321-391EE70532B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:domino_web_access:7.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D5C812F-4B1E-42A1-A478-978DF925D22D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:domino_web_access:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"723845C5-91E1-4BED-B41F-9E0A0DB629D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:domino_web_access:8.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDDCE5E6-F37D-4D1B-B863-E8FE8ABA79E2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"229.271\",\"matchCriteriaId\":\"DA92AB06-5510-4109-AE3A-75834E5F8A00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62AF2DA6-98E4-4921-B36C-AA5771B3629E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CC0B87F-B742-466D-BF93-56BFECAC2E54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"708BEAEF-B186-470D-8148-9C0703B42765\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83C58751-33AE-4A3F-A096-AB13FC8A64A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01E2E70E-3C00-4AA2-AF8D-349E82806FA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3508BE09-6B84-4819-BC0F-7E23964FE29D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A17FFE5-97F5-45D0-8C54-3C22BF1FFA72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.111:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE8C8052-8980-4265-929B-E27B6A914B4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.131:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D6C0F89-47E6-4895-909D-6AF8DBFE2477\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.141:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"590EBAF8-04A9-4DAD-9FCF-B1B38FF03374\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.151:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"717F7305-98E1-403D-B08A-6FE1FD83D2C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.161:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C4B46DA-B4E6-4AB0-AD85-7C77EFE14063\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.171:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1862CF3-0BF2-4F1B-80A9-0B5B02005A1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.181:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CC9488A-F368-498E-8CDE-2ADC6AED470B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.191:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2F8C056-91A2-410B-942A-E108B93AD1E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.201:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCD1A2BB-F7FC-4FE1-B633-F0AF79E0F5FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.211:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"805C7074-679E-4F11-A055-8C52B4E26F5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.221:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"840A1975-0C5B-44F0-9F2E-1BBE02AA0484\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.231:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33A29245-F9DA-4F77-91EE-21C1FA3CE784\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.241:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B55ED49B-092B-411B-84AE-847770EE096B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.251:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"483C2E2D-424C-453B-9D51-F53C6B32178B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_inotes:229.261:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4348F385-9AE1-4F8C-9F22-BE50FCA3710B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F936FD55-AD59-47B3-8591-3F79B2ABB4E9\"}]}]}],\"references\":[{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/38681\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/38744\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/38755\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1023662\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21421808\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg27018109\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/62612\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/38457\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/38459\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0495\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0496\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/56555\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/38681\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/38744\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/38755\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1023662\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21421808\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg27018109\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/62612\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/38457\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/38459\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0495\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0496\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/56555\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…